package com.zhaoyd.uaademo.controller;

import com.zhaoyd.uaademo.config.security.SessionUserUtils;
import com.zhaoyd.uaademo.config.security.handler.LoginFailHandler;
import com.zhaoyd.uaademo.config.security.handler.LoginSuccessHandler;
import com.zhaoyd.uaademo.core.BaseLogger;
import com.zhaoyd.uaademo.entity.SysUser;
import org.apache.commons.lang3.StringUtils;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.web.DefaultRedirectStrategy;
import org.springframework.security.web.RedirectStrategy;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.annotation.Resource;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * 登录退出controller
 */
@RestController
public class LoginController extends BaseLogger {
    private LoginSuccessHandler loginSuccessHandler = new LoginSuccessHandler();
    private LoginFailHandler loginFailHandler = new LoginFailHandler();
    private final RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
    @Resource
    private AuthenticationManager authenticationManager;

//    /**
//     * 自定义登录接口
//     * 默认登录接口通过UsernamePasswordAuthenticationFilter来认证并将authentication存入上下文。这里是自定义的写法
//     * @param username
//     * @param password
//     * @param request
//     * @param response
//     * @throws IOException
//     * @throws ServletException
//     */
//    @PostMapping("/mylogin")
//    public void login(String username, String password, HttpServletRequest request, HttpServletResponse response)
//            throws IOException, ServletException {
//        try{
//            //这里可以增加UsernamePasswordAuthenticationFilter中没有的实现逻辑
//            if(StringUtils.isBlank(username) || StringUtils.isEmpty(password)){
//                throw new UsernameNotFoundException("用户名或密码不能为空");
//            }
//            UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(
//                    username, password);
//            Authentication authentication =authenticationManager.authenticate(authRequest);
//            SecurityContextHolder.getContext().setAuthentication(authentication);
//            loginSuccessHandler.onAuthenticationSuccess(request, response,authentication);
//            log.info("用户:[{}]登录成功", username);
//        }catch (AuthenticationException e){
//            loginFailHandler.onAuthenticationFailure(request, response, e);
//        }
//    }


    /**
     * 注销接口
     * redirect到signout
     * @param request
     * @param response
     * @throws IOException
     */
    @RequestMapping("/mylogout")
    public void logout(HttpServletRequest request, HttpServletResponse response) throws IOException{
        SysUser sysUser = SessionUserUtils.getCurrentUser();
        if(sysUser != null){
            log.info("用户:[{}]注销登录", sysUser.getUsername());
        }
        //退出转到默认的退出接口signout
        redirectStrategy.sendRedirect(request, response, "/signout");
    }

}
